68 matches found
CVE-2008-4609
The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...
Sun Solaris TCP SYN Flood远程拒绝服务漏洞
BUGTRAQ ID: 29089 Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris的TCP实现中的安全漏洞可能允许远程非特权用户在TCP SYN洪水的情况下导致接受新的网络连接速度变慢,可能无法创建网络连接便已超时。此外,单处理器系统还可能由于高CPU使用率而总体变慢,导致整个系统拒绝服务。 这个漏洞影响ndd1M可调节值tcpconnreqmaxq0明显高于默认值1024的主机。该值越大,漏洞被利用后对主机的影响越大。如果这个漏洞被利用,控制台中可看到以下消息: WARNING: High TCP connect timeout rate! Syst...
CVE-2006-3920
The CVE affects Sun Solaris TCP implementation (Solaris 8/9/10) prior to 20060726, where a TCP packet with an incorrect sequence number can trigger an ACK storm and cause remote DoS (resource exhaustion). Root cause: improper TCP sequence handling leading to ACK storm. Affected components: Solari...
Multiple Vendor - TCP Sequence Number Approximation (2)
source: https://www.securityfocus.com/bid/10183/info A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequen...
CVE-2002-0381
The TCP implementation in various BSD operating systems tcpinput.c does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address...
CVE-2001-0328
TCP implementations that use random increments for initial sequence numbers ISN can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN...
Linux Kernel 2.0 Sendmail - Denial of Service
Linux Kernel 2.0 Sendmail - Denial of Service / source: https://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that have to do with the accept call returning after only a syn has been recieved as opposed to the three way handshake having been completed...
Linux Kernel 2.0 Sendmail - Denial of Service
/ source: https://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that have to do with the accept call returning after only a syn has been recieved as opposed to the three way handshake having been completed. Sendmail, which is compiled on many unices,...